Privacy Policy
Last updated: April 7, 2026
Cloudium Software Private Limited ("Cloudium", "we", "us", or "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with applicable Indian laws including:
- The Digital Personal Data Protection Act, 2023 (DPDP Act)
- The Information Technology Act, 2000 (IT Act)
- The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (SPDI Rules)
1. Data Fiduciary Information
Cloudium Software Private Limited acts as the Data Fiduciary (as defined under the DPDP Act, 2023) for all personal data collected through this website.
| Entity | Cloudium Software Private Limited |
| hello@cloudium.io | |
| Grievance Officer | privacy@cloudium.io |
2. Personal Data We Collect
We collect the following categories of personal data:
- Contact information: Name, email address, phone number, company name — collected when you submit our contact form or engage with our services.
- Usage data: IP address, browser type, pages visited, time spent, referring URL — collected automatically through cookies and server logs.
- Communication data: Messages, enquiries, and any other information you voluntarily provide.
3. Purpose and Lawful Basis for Processing
Under the DPDP Act, 2023, we process your personal data based on your consent or for legitimate uses as specified in the Act:
| Purpose | Lawful Basis |
|---|---|
| Respond to your enquiries | Consent (contact form submission) |
| Provide and improve our services | Legitimate use / contractual necessity |
| Website analytics & performance | Consent (cookie consent) |
| Legal compliance | Compliance with law |
| Marketing communications | Explicit consent |
4. Sensitive Personal Data (SPDI Rules)
We do not collect Sensitive Personal Data or Information as defined under the SPDI Rules, 2011 (such as passwords, financial information, health data, biometric data, sexual orientation, or medical records) through this website. If our services require such data, explicit written consent will be obtained separately.
5. Your Rights as a Data Principal
Under the DPDP Act, 2023, you (the "Data Principal") have the following rights:
- Right to Access: Request information about the personal data we hold about you.
- Right to Correction: Request correction of inaccurate or misleading personal data.
- Right to Erasure: Request deletion of your personal data (subject to legal retention requirements).
- Right to Withdraw Consent: Withdraw consent at any time. This does not affect the lawfulness of processing performed prior to withdrawal.
- Right to Grievance Redressal: Lodge a complaint with our Grievance Officer or the Data Protection Board of India.
- Right to Nominate: Nominate another individual to exercise your rights in the event of your death or incapacity.
To exercise any of these rights, contact us at privacy@cloudium.io. We will respond within 30 days.
6. Data Retention
We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by applicable law. Contact form submissions are retained for a maximum of 3 years unless you request earlier deletion.
7. Data Security
In compliance with Section 43A of the IT Act, 2000 and the SPDI Rules, we implement reasonable security practices including:
- Encryption of data in transit (TLS/SSL)
- Access controls and authentication
- Regular security audits and vulnerability assessments
- Secure hosting infrastructure with industry-standard certifications
8. Data Sharing & Cross-Border Transfers
We do not sell your personal data. We may share data with:
- Service providers: Hosting, analytics, and email services that assist in operating our website (under contractual obligations to protect your data).
- Legal authorities: When required by law, court order, or governmental authority.
Any transfer of personal data outside India will comply with the provisions of the DPDP Act, 2023 and will only be made to jurisdictions permitted by the Central Government.
9. Children's Data
Our website is not intended for individuals under the age of 18. We do not knowingly collect personal data from children. As per the DPDP Act, processing of a child's data requires verifiable consent from a parent or lawful guardian.
10. Grievance Redressal
In accordance with the IT Act, 2000 and DPDP Act, 2023, our designated Grievance Officer is:
Grievance Officer
Cloudium Software Private Limited
Email: privacy@cloudium.io
Complaints will be acknowledged within 48 hours and resolved within 30 days.
If you are not satisfied with our resolution, you may approach the Data Protection Board of India established under the DPDP Act, 2023.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the website after changes constitutes acceptance of the revised policy.